CVE-2023-20048 - OpenCVE

Vendors	Products
Cisco	Firepower Management Center

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20048", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2022-10-27T18:47:50.318Z", "datePublished": "2023-11-01T17:04:34.895Z", "dateUpdated": "2024-08-02T08:57:35.642Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2024-01-25T16:57:38.670Z"}, "descriptions": [{"lang": "en", "value": "A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software."}], "affected": [{"vendor": "Cisco", "product": "Cisco Firepower Management Center", "versions": [{"version": "6.2.3", "status": "affected"}, {"version": "6.2.3.1", "status": "affected"}, {"version": "6.2.3.2", "status": "affected"}, {"version": "6.2.3.3", "status": "affected"}, {"version": "6.2.3.4", "status": "affected"}, {"version": "6.2.3.5", "status": "affected"}, {"version": "6.2.3.6", "status": "affected"}, {"version": "6.2.3.7", "status": "affected"}, {"version": "6.2.3.9", "status": "affected"}, {"version": "6.2.3.10", "status": "affected"}, {"version": "6.2.3.11", "status": "affected"}, {"version": "6.2.3.12", "status": "affected"}, {"version": "6.2.3.13", "status": "affected"}, {"version": "6.2.3.14", "status": "affected"}, {"version": "6.2.3.15", "status": "affected"}, {"version": "6.2.3.8", "status": "affected"}, {"version": "6.2.3.16", "status": "affected"}, {"version": "6.2.3.17", "status": "affected"}, {"version": "6.2.3.18", "status": "affected"}, {"version": "6.4.0", "status": "affected"}, {"version": "6.4.0.1", "status": "affected"}, {"version": "6.4.0.3", "status": "affected"}, {"version": "6.4.0.2", "status": "affected"}, {"version": "6.4.0.4", "status": "affected"}, {"version": "6.4.0.5", "status": "affected"}, {"version": "6.4.0.6", "status": "affected"}, {"version": "6.4.0.7", "status": "affected"}, {"version": "6.4.0.8", "status": "affected"}, {"version": "6.4.0.9", "status": "affected"}, {"version": "6.4.0.10", "status": "affected"}, {"version": "6.4.0.11", "status": "affected"}, {"version": "6.4.0.12", "status": "affected"}, {"version": "6.4.0.13", "status": "affected"}, {"version": "6.4.0.14", "status": "affected"}, {"version": "6.4.0.15", "status": "affected"}, {"version": "6.4.0.16", "status": "affected"}, {"version": "6.6.0", "status": "affected"}, {"version": "6.6.0.1", "status": "affected"}, {"version": "6.6.1", "status": "affected"}, {"version": "6.6.3", "status": "affected"}, {"version": "6.6.4", "status": "affected"}, {"version": "6.6.5", "status": "affected"}, {"version": "6.6.5.1", "status": "affected"}, {"version": "6.6.5.2", "status": "affected"}, {"version": "6.6.7", "status": "affected"}, {"version": "6.6.7.1", "status": "affected"}, {"version": "6.7.0", "status": "affected"}, {"version": "6.7.0.1", "status": "affected"}, {"version": "6.7.0.2", "status": "affected"}, {"version": "6.7.0.3", "status": "affected"}, {"version": "7.0.0", "status": "affected"}, {"version": "7.0.0.1", "status": "affected"}, {"version": "7.0.1", "status": "affected"}, {"version": "7.0.1.1", "status": "affected"}, {"version": "7.0.2", "status": "affected"}, {"version": "7.0.2.1", "status": "affected"}, {"version": "7.0.3", "status": "affected"}, {"version": "7.0.4", "status": "affected"}, {"version": "7.0.5", "status": "affected"}, {"version": "7.1.0", "status": "affected"}, {"version": "7.1.0.1", "status": "affected"}, {"version": "7.1.0.2", "status": "affected"}, {"version": "7.1.0.3", "status": "affected"}, {"version": "7.2.0", "status": "affected"}, {"version": "7.2.1", "status": "affected"}, {"version": "7.2.2", "status": "affected"}, {"version": "7.2.0.1", "status": "affected"}, {"version": "7.2.3", "status": "affected"}, {"version": "7.2.3.1", "status": "affected"}, {"version": "7.3.0", "status": "affected"}, {"version": "7.3.1", "status": "affected"}, {"version": "7.3.1.1", "status": "affected"}]}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Improper Privilege Management", "type": "cwe", "cweId": "CWE-269"}]}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN", "name": "cisco-sa-fmc-cmd-inj-29MP49hN"}], "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H", "baseScore": 9.9, "baseSeverity": "CRITICAL", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "availabilityImpact": "HIGH"}}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-fmc-cmd-inj-29MP49hN", "discovery": "INTERNAL", "defects": ["CSCwd02925"]}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:57:35.642Z"}, "title": "CVE Program Container", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN", "name": "cisco-sa-fmc-cmd-inj-29MP49hN", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6BF3D02-3BA0-4736-B78D-3634E3E91623", "versionEndIncluding": "6.2.3.18", "versionStartIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "6FBA1598-02FE-4855-8449-E2FF06EF8276", "versionEndIncluding": "6.4.0.16", "versionStartIncluding": "6.4.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "AF3259C7-8F36-46B1-A1BA-C2F9AC165A2D", "versionEndIncluding": "6.6.7.1", "versionStartIncluding": "6.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "79C97BD3-D82A-493B-BCBB-9909ED80D084", "versionEndIncluding": "6.7.0.3", "versionStartIncluding": "6.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BE29E8B-5D64-4CF6-B8CB-A38E991A9BB9", "versionEndIncluding": "7.0.5", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "749D90E8-9009-4F05-8C5E-2521A9BC7D32", "versionEndIncluding": "7.1.0.3", "versionStartIncluding": "7.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "D44E33FB-20A2-448B-A901-3BD383E45F2B", "versionEndIncluding": "7.2.3.1", "versionStartIncluding": "7.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:firepower_management_center:*:*:*:*:*:*:*:*", "matchCriteriaId": "E355BD8E-18E7-4405-8F32-0A191DCE0774", "versionEndIncluding": "7.3.1.1", "versionStartIncluding": "7.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Firepower Management Center (FMC) podr\u00eda permitir que un atacante remoto autenticado ejecute ciertos comandos de configuraci\u00f3n no autorizados en un dispositivo Firepower Threat Defense (FTD) administrado por el software FMC. Esta vulnerabilidad se debe a una autorizaci\u00f3n insuficiente de los comandos de configuraci\u00f3n que se env\u00edan a trav\u00e9s de la interfaz del servicio web. Un atacante podr\u00eda aprovechar esta vulnerabilidad autentic\u00e1ndose en la interfaz de servicios web de FMC y enviando una solicitud HTTP manipulada a un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante ejecutar ciertos comandos de configuraci\u00f3n en el dispositivo FTD objetivo. Para explotar con \u00e9xito esta vulnerabilidad, un atacante necesitar\u00eda credenciales v\u00e1lidas en el software FMC."}], "id": "CVE-2023-20048", "lastModified": "2024-01-25T17:15:27.633", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "ykramarz@cisco.com", "type": "Secondary"}]}, "published": "2023-11-01T18:15:08.907", "references": [{"source": "ykramarz@cisco.com", "tags": ["Vendor Advisory"], "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN"}], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-269"}], "source": "ykramarz@cisco.com", "type": "Secondary"}]}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object